Redirecting user to acustom page depending on security role after glassfish

Similar Messages

• How to redirect user from login page to "Set Challenge question" page

  How to redirect user from login page to "Set Challenge question" page (NOT custom page) after 3 un successful password attempts?
  Meaning when user types wrong password 3 times they will be redirected to set Challenge question page. If user answers the challenge question then password reset page should be appeared other wise (after remaining 3 un successeful challenge question answers) account should be locked out.
  thanks for your help.

  hi sandeep
  Thanks for your answer. Let me ellaborate more on the requirement here.
  - Password Policy and Lost Password management are set up in the identity system
  - Configure login tries allowed= 5. Verify accout is lock out after 5 unsucessful login.
  This is what need to achieve.
  1) If a user attempts to login 3(not 5) times using an incorrect login credential he/she should be redirected to set challenge question (security question) page.
  2) Then if the user attempts (remaining) 2 times incorrect challenge answer then his/her account should be locked out.
  3) If he/she answers the challenge answer correctly then he/she should be redirected to password reset page.
  Is this possible?

• Open popup window and redirect user to home page in sandboxed solution

  i've created a sandboxed solution visual webpart and it has submit button so when user fills the information in the text boxes availble in webpart and clicks submit button so I want to open popup button containg success message and ok button so when user
  clicks ok button in popup window i want user to be redirected to the home page of the site.
  i tried to open popup and showed success message by below code
   string gotohomepage = "http://sp2013:1111/Pages/home.aspx";
                  ScriptManager.RegisterStartupScript(this, this.GetType(), "message", "alert('Your Record has been submitted successfully,you will be redirected to home Page shortly');location.href =
  '" + gotohomepage + "';", true);
  but it's not opening popup window can anyone help how do i open popup window and redirect user to home page in sandboxed solution

  Page class and script manager are not supported in sandbox solution
  You can create model popup to achieve this
  below are the reference links
  http://blogs.msdn.com/b/chaks/archive/2011/09/14/modal-dialog-box-in-sharepoint-sandbox.aspx
  http://social.msdn.microsoft.com/Forums/en-US/9427db4d-60f2-4b2a-8db6-b50d01ac4f23/how-to-create-modal-popup-using-sandboxed-solution

• Redirecting user to login page after session expiry

  Hi,
  Default session expiry implementation in sap EP6.0 doesn't work properly. To overcome this, we have implemented one component where we check the idle time and throw the user back to the login page if the idle time has exceeded the session expiry period. This component has been added to desktop inner page as an iView. Following is the logic put in this component.
  IAuthentication ia = UMFactory.getAuthenticator();
  ia.logout(httpRequest, httpResponse);
  httpResponse.sendRedirect("/irj/portal");
  We are successfully getting the login page after session expiry. Issue is, our portal server is running on 11111 port. We cannot change this to 80 on unix because of unix limitations for the port number. So we have put one apache web server before our portal server. Apache web server is listening on port 80 and forwarding the request to our portal server.
  Now when user is redirected to the login page, url being shown in the browser is http://<host_name>:11111/irj/portal but I am expecting http://<host_name>/irj/portal (without port). I have tried putting the full url in sendRedirect() method but that too doesn't work.
  Any help is highly appreciated.
  Regards,
  Chandra

  Hi Chandra,
  Let the URL be relative in the sendRedirect i.e.
  httpResponse.sendRedirect("/irj/portal");
  However since you have a Reverse proxy in front, the response header for redirect will not contain the address of the reverse proxy in this case, your servername without port. You have to properly configure your reverse proxy so that the HTTP Headers are changed properly before sending the response to the users.
  Check this URL,
  http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypassreverse
  This gives you the details on configuring your apache.
  Hope this helps.
  Ankur
  P.S. If this helps please reward points.

• How to redirect users to certain page on login

  Hello All,
  I need to redirect users to page 1 after login even if they use a direct URL pointing to some other page. How do i achieve this?
  Ex:
  User logs in using URL:
  http://localhost:port/apex/f?p=101:10:1818843916449354::NO:::should redirect him to below page instead of 10:
  http://localhost:port/apex/f?p=101:1:2314843916462565::NO:::Appreciate your reply.
  Thanks and Regards,
  Senana

  Hello Senana,
  Assuming you're using wwv_flow_custom_auth_std.login to log in, and p_flow_page is set to "[your app id]:1" try placing the following line just before your call to wwv_flow_custom_auth_std.login:
  :FSP_AFTER_LOGIN_URL := null;This should force user to page 1 after log-in.
  Hope this helps,
  John

• Redirect user/show default page when using entitlements

  Hello,
  We have created a few entitlements and placed these are a number of books and pages. The entitlements check and compare a specific set of attributes in the session object.
  Currently, if a user accesses a page with one of these entitlements all they see is the header and footer defined in the desktop shell. The backing file and portlets in the page do not look to be invoked or rendered, which is what I expected.
  Is there a way such that if a customer accesses a page of this type, to redirect them or possibly show default content in the page so it is more meaningful?
  Regards,
  Jonathan

  Hi...
  Thanks for asking....
  As I put in my post before, I include template0 in my template1, as seen in template1 (AHM001):
  <af:pageTemplateDef var="attrs">
  *<af:pageTemplate viewId="/template/AHM000.jspx">*
  I use AHM000 inside AHM001. I use this approach to build many template based on one basic design.
  Actually, I don't think the problem is in page template usage because as I submitted paralel to Metalink, I've already not called template0 in template1 but I copy template0's contents to template1.
  Unfortunately, page designer show small view and below error messages still occured.
  *Jun 7, 2009 10:25:20 PM ComponentMetadataHandler _error*
  WARNING: error parsing component tag in file: /AhmTestTemplate-ViewController1-context-root/template/AHM001.jspx/tag:xmlContent/id:null
  org.xml.sax.SAXParseException: <Line 115, Column 51>: XML-20100: (Fatal Error) Expected 'EOF'.
  Fortunately my application can be run already altough the error message still logged.
  Many thanks,
  Dominic C.

• Showing or hiding buttons/ enabling text boxes depending upon security role in Portal

  Hi All,
  Is it possible to show or hide ceratin text box or buttons depending on the security
  role of the user ? Let's suppose we have screen with buttons update, delete. Now
  we want that when a administrator logs in he will see a screen with data in editable
  text boxes and update and delete button. In case of normal user, only the phone
  no. will be editable and he can't see the delete button.
  Is it possible using portal feature ?
  Any suggestion is welcome.
  TIA,
  Sudarson

  Sudarson,
  Not that I know of. If you'd like to eloborate on the feature you're
  building I can log an enhancement request for you.
  Sincerely,
  Daniel Selman
  "sudarson" <[email protected]> wrote in message
  news:3c5f698e$[email protected]..
  >
  Hi Daniel,
  Thanks for the reply. I think, I should elaborate my query.
  Yeah, programattically we can do the stuff. But my question is that isthere any
  such feature in weblogic portal so that in stead of using is UserInRoleand doing
  it programatically, we can do it thru portal, thus having bettermaintainability.
  >
  Regards,
  Sudarson
  "Daniel Selman" <[email protected]> wrote:
  Sudarson,
  Yes this is possible. You can programmatically check the logged in user's
  role within your JSP and react accordingly (all standard J2EE). You
  should
  do this with caution however as you could quickly create a maintenance
  problem for yourself. Declarative security externalizes all security
  settings (groups. permissions etc.) away from application code and is
  usually to be preferred.
  Programmatic security through EJB mechanisms such as the SessionContext
  isCallerInRole and getCallerPrincipal methods and web-tier methods
  getRemoteUser, isUserInRole and getUserPrincipal.
  http://java.sun.com/j2ee/j2sdkee/techdocs/guides/ejb/html/Security5.html
  Sincerely,
  Daniel Selman
  "sudarson" <[email protected]> wrote in message
  news:3c5e81cf$[email protected]..
  Hi All,
  Is it possible to show or hide ceratin text box or buttons dependingon
  the security
  role of the user ? Let's suppose we have screen with buttons update,delete. Now
  we want that when a administrator logs in he will see a screen withdata
  in editable
  text boxes and update and delete button. In case of normal user, onlythe
  phone
  no. will be editable and he can't see the delete button.
  Is it possible using portal feature ?
  Any suggestion is welcome.
  TIA,
  Sudarson

• Change SQL 2012 Security roles after installation

  I installed SQL 2012 SP1  Standard edition and during the setup it asked me for the users for various service . I choose to keep them as default  
  After the installation i could see the services were not started, so i changed everything to Local System 
  Also in future i may need to change them to run under some domain service account.
  What steps do i have to take to make sure approprate rights are granted to the accounts that run the SQL services. I could see Local System just had Public security role.
  Can someone guide me on verifying what the security roles for accounts should be.

  running them as domain account is  a good thing and it does not need to part of admin group.
  make sure your domain account has access backup paths/locations.
  Also, make sure your account has "perform volume maintanence tasks" - to make use of INF.
  Is your system 64 bit or 32 bit. if 64 bit, you are okay else you will need to enable lock pages in the memory for the service.
  Below are the links to some articles that talk about this:
  http://www.mssqltips.com/sqlservertip/2503/how-to-create-secure-sql-server-service-accounts/
  http://blogs.msdn.com/b/askjay/archive/2011/02/28/required-rights-for-sql-server-service-account.aspx
  http://technet.microsoft.com/en-us/library/ms191543(v=sql.110).aspx
  http://blogs.msdn.com/b/sqlserverfaq/archive/2010/05/28/inf-permissions-required-for-sql-server-service-account-to-use-ssl-certificate.aspx
  Hope it Helps!!

• How to redirect users to Custom Page on InfoView logoff

  Post Author: Srinivas123
  CA Forum: WebIntelligence Reporting
  How to redirect the users on InfoView logoff to a custom page, instead of the default logon.aspx.   

  Hello Senana,
  Assuming you're using wwv_flow_custom_auth_std.login to log in, and p_flow_page is set to "[your app id]:1" try placing the following line just before your call to wwv_flow_custom_auth_std.login:
  :FSP_AFTER_LOGIN_URL := null;This should force user to page 1 after log-in.
  Hope this helps,
  John

• How to redirect users to different pages after logging in?

  Please HELP this is doing my head in.
  I have created a login for a site using dreamweavers login tools, but I need to direct users to their individual pages, as Dreamweaver shows only one.
  I here you can store urls in you data base then call on them depending on the user is this correct ?
  Or is there another way ?
  Could someone show me what I need to do ?
  Any help would be appreciated
  Dazza

  Hi
  It would become a long reply if I showed you, and I would require your database structure. So this is a simple 'things to do / steps to take' list.
  (the access level and user id, (not the same as database table id) are used interchangeable here)
  The first item is to ensure you have your database set-up to allow the items to be recovered from it dependant upon the users id/access level. This could be done via a simple access level being set, the access level would be set in the user table and the page content from the database would have a matching column in the table for content.
  The DW authentication server behaviour will set the access level in the same session variable at the same time as the logged-in session is set, (see the DW documentation on user authentication for how to use this feature).
  It would then be a simple matter of retrieving the information for the page using the DW recordset query server behaviour, which can also automatically set the access level in the query code to ensure that the items to be retrieved matches the access level.
  The biggest problem most people who try to set-up a restricted access section of a site, is not the server behaviour to restrict access to content, but the cms section of the site to create the content as required. For this is may be worth while reading - http://www.adobe.com/devnet/dreamweaver/articles/first_dynamic_site_pt1.html, although your database code would be slightly different as you would require the access level/user id be used to 'filter' the results returned and the items for the user to view, (links to content) also must be access level/user id dependant, (tip, use conditional region code for this).
  PZ

• Trying to redirect users to new page

  I have a small section of a site - 5 pages - that display some reports.
  A set of 5 pages to replace those pages have been developed.
  My thought was to add a content editor web part on each of the old pages that would contain javascript such as:
  <script type=”text/javascript”>
  <!--
  window.location = “http://mysite/sites/us/new_summary.aspx”
  //-->
  </script>
  Then I would mark it as hidden. I was expecting that when I visited the page, I would be redirected to the new summary page.
  However, I am not being redirected.
  Is there something else that I need to do to get this to work?
  Thank you.

  So, out of the 4 (not 5 as I thought) pages that I have to redirect, I was able to get 3 to do exactly what I wanted.
  I did the same steps:
  Page > Edit Page > Add a Web Part > Category > Media and Content > ContentEditorWebPart >Add
  Click on “Click here to add new content”. Nothing needs to go here
  Click on web part menu (top right corner). Select Edit Web Part
  Advanced > Uncheck minimize, close, zone change, connections, editing in personal view
  Click Apply
  Copy URL of RedirectSummary.txt and  paste into Content Link URL box
  Click Apply
  Page > Stop Editing
  The only differences for this time are:
  1. the page being edited is in a different location than the other 3
  2. the URL for the .txt file is different
  3. The contents of the .txt has a different URL for the window.location.
  However, this last page won't redirect like the others.
  Does anyone have any ideas on things I could do to identify the situation?
  I tried turning on the developer tool in IE11. There is so much javascript listed that it would be difficult for me to know if there was a reason something was interfering.

• JDev EA1 Error with JAZN/Security Roles/Authentication

  I have a current JSF application created under JDev 10.1.3 Preview which runs fine, but under JDev EA1 it crashes.
  The application has a JAZN definition with a realm and user defined. The user is also tied to a security role.
  In the web.xml I have a security role defined and security constraints. I also have the security-role-mappings in the orion-application.xml for deployment which uses OID to authenticate.
  This all works fine in JDev 10.1.3 preview.
  When I run the application in JDev EA1, the login dialog does not appear and the application crashes because it can't authenticate who is using the application. I have deleted and recreated the Jazn user and security roles under EA1.
  I have noticed that JDev is now reporting the "<security-constraint>" tag in web.xml is an error now.
  Any ideas on what's wrong?
  Thanks

  We're using SSO, so we haven't written our own login handler. The orion-application.xml has the "<jazn-web-app auth-method="SSO"/>" tag in it. We let SSO handle the login. You can write your own login handler if you wanted to. I think there's several threads about doing it. We wanted to try and use SSO and not have to write the piece to do the login.
  orion-application.xml:
  <jazn provider="LDAP"
  location="ldap://my.company.com:<port number>"
  default-realm="my_realm_here">
  <jazn-web-app auth-method="SSO"/>
  </jazn>
  The way we approached it, we have a User and Visit object. The User object just holds some data:
  public class User implements Serializable
  private String userid;
  private String name;
  private String email;
  private Date loginTime;
  The faces-config.xml is like this:
  <!--========User Bean=========-->
  <managed-bean>
  <managed-bean-name>user</managed-bean-name>
  <managed-bean-class>com.mycompany.User</managed-bean-class>
  <managed-bean-scope>session</managed-bean-scope>
  <managed-property>
  <property-name>queryService</property-name>
  <value>#{queryservicebean}</value>
  </managed-property>
  </managed-bean>
  We're using Spring to inject the "queryservicebean". You may not need this section. We're having to grab data from a database table. So you can probably skip that "<managed-property>" section.
  The section I think you are really asking about is the ViewHandler. You probably need to look at extending the ViewHandler to populate your user object.
  public class AuthenticatingViewHandler extends ViewHandler{...}
  You will probably need to look at adding code in the createView and restoreView methods.
  Something like:
  public class AuthenticatingViewHandler extends ViewHandler
  private final ViewHandler _base;
  public AuthenticatingAurepViewHandler(ViewHandler base)
  _base = base;
  public UIViewRoot createView(FacesContext facesContext, String viewId)
  viewId = loadUser(facesContext,viewId);
  return _base.createView(facesContext, viewId);
  } //END createView(FacesContext facesContext, String viewId)
  public UIViewRoot restoreView(FacesContext facesContext, String viewId)
  viewId = loadUser(facesContext,viewId);
  return _base.restoreView(facesContext,viewId);
  } //END restoreView(FacesContext facesContext, String viewId)
  --Then "loadUser" would populate your User object:
  public String loadUser(FacesContext facesContext, String viewId)
  String userId = facesContext.getExternalContext().getRemoteUser();
  User user = (User) JSFUtils.getManagedBean(ViewConstants.USER);
  -- Set the userid from OID in your User object
  user.setUserid(userId);
  -- Note: You may need to do some parsing on your user id string from OID.
  -- Do more stuff here, may switch to a differnt viewId if needed, like an error page.
  return viewId;
  } // END loadUser(FacesContext facesContext, String viewId)
  } //END AuthenticatingViewHandler
  The "JSFUtils.getManagedBean" uses the valuebinding to get the User bean from the FacesContext. We also carry a boolean isUserLoaded in the User object so we're not executing the loadUser code each time a view is rendered. The Visit object just has a navigation trace and other things of interest to us, so you may not care about it.
  A lot of this is from Adam Wiener's post on Sun's JSF forum. I think there's a couple of ways to approach this, with our requirements this works out better. If anybody else has any suggestions, it would be great to hear about them.
  As always, hope it helps out with what you are doing and thanks for the chocolate.

• Creating group dynamically in active directory depending on their role

  Hi,
  I have sycn oid and active directory using directory integration platform. Now the scenario is We have one system says hr system which take care of entering all the user information. Once it submit that information it goes to oid. Now we want that when we import all that user from oid to active directory it didn't duplicate any user as well as depending on their role it should create groups dynamically in active directory. For e.g: If user belong to Trainee category or manager category it must create Trainee group & Manager group & respective person should go into that group. I don't know whether my question is placed in right group or not. I am using filter to do this task but not able to write proper condition in "source matching filter" and "destination matching rule". Any help will be appreciated.
  Thanks,
  Sonya Sharma

  Thanks Tamim. To clear your thought, i will explain again. I have sync oid and active directory through Directory integration platform. I have created user in oid.(cn=users,dc=mycompany,dc=com). It get sync in active directory properly. Now i have created two group in active directory say for e.g Trainees and Manager. There is a field name position in oid which is a custom attribute. When i fill the information of user in oid, I have to fill "Position" attribute also. So my question is that, if i fill Trainee as a value in Position attribute and click on submit it should go in Trainee Group In active directory and not in user group. Same for manager. How can we achieve this? Can we do it through filter? Or any other way? It's needed desperately. Please help me in resolving this issue.
  Regards,
  Sunil

• How to change the "Page Flow Error - Unsatisfied Role Restriction" page

  When you try to access a page and are denied authorization to it, Weblogic automatically redirects you to a
  "Page Flow Error - Unsatisfied Role Restriction" page, on the bottom of which tells you what roles you have to be in in order to access the resource. My question is how can I change this page to match the general look and feel of my application?

  I know you asked this almost a month ago, so you may have already figured it out... but you just need to add a handler for com.bea.wlw.netui.pageflow.UnfulfilledRolesException. Something like this:
  @jpf:catch type="com.bea.wlw.netui.pageflow.UnfulfilledRolesException" path="roles-error.jsp"
  You can put it at the class level of a specific page flow, or at the class level of WEB-INF/src/Global.app, which will apply it to all page flows.
  Hope this helps.
  Rich

• How to redirect user on or before page load

  Hi,
  what is best practice for redirecting a user when he opens a specific page.
  I have a solution with a custom master page and several webparts. When a user opens my solution (every page based on the same master). 
  What i need to do now is, when the user opens the page i have to check before rendering the page and the webparts some criteria. When the user is not allowed to open the page i need to redirect him to another location.
  How could q redirect a user in a sharepoint solution?
  I thought about some ways:
  - develop a webpart (without any rendering) and put in onprerender event the check and the redirect
  - create a codebehind for the masterpage
  - create an httpmodule
  What would you prefer? How could i solve it?
  Best Regards
  Bog
  Developers Field Notes | www.bog1.de

  Hi,
  In SharePoint on-premises, I suggest you use HttpModule and HttpHandler to achieve it.
  http://sharepointgotchas.wordpress.com/tag/httpmodule/
  http://zoomsharepoint.blogspot.com/2009/09/redirect-page-using-http-module.html
  In SharePoint online, JavaScript is a better choice, we can add some JavaScript code in the master page.
  http://sharepointtipsntricks.blogspot.com/2009/06/redirect-to-another-aspx-using.html
  Best Regards
  Dennis Guo
  TechNet Community Support